09 September
A big monthSecurity
- AI
- Really hard to decipher, specially Deep Learning.
"Explainability" - RiskyBiz (Homer Strong, director of data science at Cylance) https://risky.biz/RB467/
- There are AI to help understand other AI: Lime?
- There are simplified AI derived from the full AI, but more
understandable - Being obscure is part of the security of this product?
- You can whisper near 20kHz to Siri or Amazon. Still requires about $3 of hardware: https://endchan.xyz/.media/50cf379143925a3926298f881d3c19ab-applicationpdf.pdf https://www.fastcodesign.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa
- Facial recognition: from one phone to another (Galaxy Note 8) https://twitter.com/MelTajon/status/904058526061830144
- AttackIQ: measure you detection capabilities https://www.attackiq.com/ "continuously challenges your security assumptions"
- Intel Kill switch by the NSA ! https://www.bleepingcomputer.com/news/hardware/researchers-find-a-way-to-disable-much-hated-intel-me-component-courtesy-of-the-nsa/ (Source https://risky.biz/RB467/)
- SELinux for the win: https://doublepulsar.com/hardening-apache-struts-with-selinux-db3a9cd1a10c
- IoT & HTTPS https://neosmart.net/blog/2017/lets-stop-punishing-iot-devices-that-embrace-https-shall-we/ and FlyWeb https://wiki.mozilla.org/FlyWeb
- MITM Proxy: https://mitm.watch/
- Hardware attack: Flash dumping https://blog.quarkslab.com/flash-dumping-part-i.html
- Unikernel progress (XEN) https://lists.xen.org/archives/html/xen-devel/2017-09/msg00670.html
Social
- After https://soundcloud.com/buddhistgeeks Buddhist Geeks "Dharma in the Age of the Network": Meditate.io "A Practical Map of the Journey toward Radical Freedom"
- "Surgeon Paolo Macchiarini was hailed for turning the dream of regenerative medicine into a reality – until he was exposed as a con artist and false prophet" https://www.theguardian.com/science/2017/sep/01/paolo-macchiarini-scientist-surgeon-rise-and-fall
- Les cours de Zététiques sur YouTube: #TodoPerso
- Des sociétes de Service comme intermédiaires pour les independants http://blog.ackx.net/quatre-ans-avec-atos.html